Full-Time

Application Security Engineer

Confirmed live in the last 24 hours

phia

phia

11-50 employees

Provides cybersecurity solutions for government agencies

Cybersecurity
AI & Machine Learning

Mid, Senior

No H1B Sponsorship

Remote in USA

Remote work allowed from anywhere within the United States.

US Citizenship, US Top Secret Clearance Required

Category
Cybersecurity
IT & Security
Required Skills
Bash
Python
Java
C#
Selenium
Linux/Unix
Requirements
  • 6+ years of Information Technology experience
  • 3+ years of experience with Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), and IDE Plug-in environments, particularly using Veracode
  • 2+ years of hands-on experience with Java, Python, .NET, or C#
  • 3+ years of proficiency with Burp Suite for application security testing
  • 3+ years of experience designing and implementing enterprise-wide security controls
  • Expertise in securing enterprise web applications and thorough knowledge of OWASP Top 10, CVSS, CWE, WASC, and SANS-25
  • Familiarity with federal compliance standards, including NIST 800-53, FIPS, and FedRAMP
  • Proficiency in Linux or UNIX environments, including troubleshooting website connectivity issues
  • Experience with development environments such as Eclipse, JDeveloper, or Visual Studio
  • Strong understanding of CI/CD pipeline security integration
  • U.S. citizenship and ability to obtain a Public Trust clearance
  • Bachelor's degree in Computer Science, Information Technology, Information Security, or a related field
  • Experience with Interactive Application Security Testing (IAST) tools and methodologies
  • Proficiency with Selenium for automated testing
  • Skill in writing bash scripts for security automation
  • Hands-on experience with OWASP ZAP or Burp Proxy
  • Certifications in application security or related fields (e.g., CSSLP, OSCP, GWAPT)
Responsibilities
  • Collaborate with the federal client and application teams to maintain a robust security posture for high-visibility applications
  • Lead proactive security discussions with development teams to integrate best practices throughout the software development lifecycle
  • Conduct comprehensive application security assessments using dynamic and static testing methodologies
  • Perform threat modeling and security requirements analysis using tools like SD Elements
  • Execute in-depth application penetration testing using industry-standard tools such as Burp Suite
  • Implement and leverage the latest OWASP frameworks to enhance application security
  • Develop and maintain security controls to protect applications, systems, and infrastructure services
  • Provide expert guidance on remediating identified security flaws and vulnerabilities
  • Stay current with evolving security threats and compliance standards to ensure continuous improvement of security measures

phia LLC specializes in delivering tailored cyber assessments, proactive cybersecurity operations, security engineering, and advisory services, leveraging threat intelligence, operational realities, and industry best practices to counter advanced cyber threats for mission-critical teams within various government agencies. The company's main product focuses on providing sophisticated cyber solutions through intelligence-driven approaches and industry standards, utilizing a variety of frameworks informed by threat intelligence and operational realities.

Company Stage

N/A

Total Funding

N/A

Headquarters

Louisville, Kentucky

Founded

2011

Simplify Jobs

Simplify's Take

What believers are saying

  • The lack of detailed information makes it difficult to assess potential upsides for working at phia.

What critics are saying

  • The absence of company details and news articles presents a risk of uncertainty for potential employees or investors.

What makes phia unique

  • Without specific company information, it's challenging to identify phia's differentiation in the market.

Help us improve and share your feedback! Did you find this helpful?